Hide Forgot
Description of problem: Packages use zlib from minizip may experience crashes recently, for example, quazip package. Because of one of the function of zlib breaks backward compatibility. Version-Release number of selected component (if applicable): minizip-1.2.5-2.fc14.i686 How reproducible: Everytime call function unzGetCurrentFileInfo with NULL as pfile_info. extern int ZEXPORT unzGetCurrentFileInfo (unzFile file, unz_file_info * pfile_info, char * szFileName, uLong fileNameBufferSize, void *extraField, uLong extraFieldBufferSize, char* szComment, uLong commentBufferSize) Actual results: SIGSEGV Expected results: Accept NULL parameter and do nothing about it. Proposed Patch: --- zlib-1.2.5.bak/contrib/minizip/unzip.c 2011-02-15 15:14:11.759197952 +0000 +++ zlib-1.2.5/contrib/minizip/unzip.c 2011-02-15 15:14:57.620493214 +0000 @@ -1145,7 +1145,7 @@ szFileName,fileNameBufferSize, extraField,extraFieldBufferSize, szComment,commentBufferSize); - if (err==UNZ_OK) + if (pfile_info && err==UNZ_OK) { pfile_info->version = file_info64.version; pfile_info->version_needed = file_info64.version_needed;